Your IP Spend - Understood
Our software makes it possible 808.891.0099

Product Access

Quantify IP > Security

User Settings	Critical Settings	in-house charges	calculation settings	report settings	country specific
translation settings	prosecution settings	associate charges	timeline settings	home country	bill your clients

view listing	edit listing	free estimate for home country	submit fee schedule
upgrade to featured listing	pay for featured listing	remove listing

Security | Quantify IP

Global IP Estimator Online Security

Quantify IP is committed to data security and customer privacy. Anaqua hosts the application website as well as data servers.

The scope of this page covers the “Global IP Estimator” website and its data.

Architecture

The estimator.quantifyip.com> website hosted by Anaqua (in Azure), provides a user interface to access the Global IP Estimator web application. Each customer assigns an internal administrative manager to create and maintain individual user accounts, thus controlling passwords protecting access to the data.

The Application server(s) stores the website. A separate SQL server stores SQL Database files containing user accounts and custom user settings. Access to the information stored on the application and data servers is only available to authorized users for each company via website user interface. End users do not have desktop access to these servers, and reports can only be retrieved by downloading them from the application’s website. Viewing and downloading reports is only available to authorized logged in users.

The Application and SQL server are only available to authorized Administrators for setup and maintenance.

Security Policies

In addition to those of our partners, Quantify IP maintains an internal Information Security Policy and Risk Assessment Policy. The policies are updated and reviewed with employees on at least an annual basis.

Privacy

Quantify IP, along with our partners, are compliant with the EU General Data Protection Regulation.

Quantify IP Privacy Policy: https://www.quantifyip.com/quantify-ip/legal/privacy-policy.aspx

Access Control

Quantify IP grants access on a need to know basis of least privilege rules, reviews permissions quarterly, and revokes access immediately after employee termination. Access to system and application components are limited to only those users whose job requires such access.

Highly-sensitive duties and areas of responsibility are segregated to reduce opportunities for unauthorized modification, fraud, or misuse of assets.

Multi-factor authentication is required for employee remote access to internal systems.

Hosting providers are restricted from access to Quantify IP data.

Vulnerability Testing

Vulnerability assessments, scans and penetration tests are performed by Quantify IP at least annually on both internal and external networks and services.

A plan is in place to remediate all issues that were ranked Critical or High within 90 days.

Event and Communications Management

An Incident Management process is utilized to investigate and track identified and reported security issues to resolution.

A Change Management process ensures a review for potential security impacts when changes are made.

Internal Data Security

Internally, Quantify IP utilizes multilayered end point security as well as a firewall and SMTP and DNS filtering. A network intrusion detection/prevention system and audit logging is in place, and detected issues enter into the Incident Management process.

All servers and workstations are backed up according to a specified schedule, and back up data is securely stored off-site. Disaster recovery testing is conducted to ensure proper restoration.

Client data is encrypted in storage and transmitted to cloud services using industry-standard SSL/TLS encryption for data in transfer.

Remote users connect to Quantify IP resources using SSL/TLS and AES-256 encryption.

Critical security patches are evaluated and applied with one month of issuance.

Encryption keys are stored and managed in a central location, separate from the data it encrypts.

A data destruction and disposal program is in place to ensure data protection at the time of system retirement.

This website contains cryptography software by David Ireland of DI Management Services Pty Ltd <www.di-mgt.com.au>.

This product includes software developed by vbAccelerator (/index.html).

Physical Security

In addition to those of our hosting providers, Quantify IP maintains a documented internal physical security policy that is approved by management and communicated to employees.